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British business can do 
better with vulnerabilities 


By Ron Condon 

British businesses have done well 
to protect themselves against most 
viruses, but they lag in patching 
vulnerabilities and planning for 
business continuity. 

According to new research from 
the DTI (the full Information 
Security Breaches Survey will be 
published on 27 April), most com- 
panies (93 per cent) have anti-virus 


(AV) software in place and update 
it regularly. But the same research 
shows that even among large com- 
panies, only 41 per cent have made 
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any business continuity planning. 
Only 20 per cent of small compa- 
nies have a business recovery plan. 

“We were surprised how good 
people are at applying AV soft- 
ware,” said Chris Potter, a partner at 
PwC, the consultancy that carried 
out the research. “It is easy to justify 
spending money on anti-virus.” 

Potter said the biggest cause of 
serious incidents in 2003 was 
Blaster, a worm that by-passed AV 
software by exploiting a vulnerabi- 
lity in Windows. “Organisations are 
now facing blended threats that 
possess characteristics of viruses, 
worms and Trojans, and blend these 
with hacking attacks,” he said. 

The answer is to apply vulner- 
ability patches more quickly. 
“Companies take between 30 and 
60 days to apply patches,” said 
Gerhard Eschelbeck, CTO for 
Qualys, which worked with PwC to 
analyse the report’s findings. “This 
needs to come down to 15 to 20 
days, which would dramatically 
reduce the risk.” 


